calwhe.blogg.se

Windows kernel aslr

In the past, kernel exploits commonly redirected execution to memory allocated in user-land. Due to the presence of SMEP, this is now no longer possible.

With the use of virtual memory, the CPU needs a way to translate virtual addresses to physical addresses. There are several paging structures involved in this process.

Let’s first consider a toy example where we only have page tables in order to perform the translation. For each running process, the processor will use a different page table. Each entry of this page table will contain the information “virtual page X references physical frame Y”. Of course, these frames are unique, whereas pages are relative to their page table. Thus we can have a process A with a page table PA containing an entry “page 42 references frame 13” and a process B with a page table PB containing an entry “page 42 references frame 37”. If we consider a format for virtual addresses that consists of a page table field followed by an offset referencing a byte within this page, the same address 4210 would correspond to two different physical locations according to which process is currently running (and which page table is currently active).

For a 64-bit x86_64 processor, the virtual address translation is roughly the same. However, in practice the processor is not only using page tables, but uses four different structures. In the previous example, we had physical frames referenced by PTEs (page table entries) within PTs (page tables). In reality, the actual format for virtual addresses looks more like the illustration below:
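The following program is an added example, not code from the original post. Its first half models the toy single-level page table above: processes A and B both map virtual page 42, to frames 13 and 37 respectively, and the same address 4210 resolves to two different physical locations depending on which table is active. The page does not say how 4210 splits into page and offset, so the example assumes decimal 100-byte pages (page 42, offset 10). Its second half decomposes a 64-bit address into the four x86_64 paging levels (PML4, PDPT, PD, PT) plus offset; those structure names, the 9-bit index widths and the canonical-address rule come from the x86_64 architecture, not from the page, and the sample address is constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* ---- Toy single-level translation (the process A / process B example) ---- */
/* Assumption, not stated on the page: the toy uses decimal 100-byte pages, so
 * the virtual address 4210 is "page 42, offset 10". */
#define TOY_PAGE_SIZE 100u
#define TOY_NUM_PAGES 64u
#define TOY_UNMAPPED  0xFFFFFFFFu   /* sentinel: no frame behind this page */

typedef struct {
    uint32_t frame[TOY_NUM_PAGES];  /* frame[page] = physical frame number */
} toy_page_table_t;

/* Build the two tables from the text: PA maps page 42 -> frame 13,
 * PB maps page 42 -> frame 37; every other page is left unmapped. */
void toy_init_tables(toy_page_table_t *pa, toy_page_table_t *pb)
{
    for (uint32_t i = 0; i < TOY_NUM_PAGES; i++)
        pa->frame[i] = pb->frame[i] = TOY_UNMAPPED;
    pa->frame[42] = 13;
    pb->frame[42] = 37;
}

/* Translate vaddr through the active table. Returns false (a page fault on
 * real hardware) when the page index is out of range or unmapped. */
bool toy_translate(const toy_page_table_t *pt, uint32_t vaddr, uint32_t *phys)
{
    uint32_t page   = vaddr / TOY_PAGE_SIZE;
    uint32_t offset = vaddr % TOY_PAGE_SIZE;
    if (page >= TOY_NUM_PAGES || pt->frame[page] == TOY_UNMAPPED)
        return false;
    *phys = pt->frame[page] * TOY_PAGE_SIZE + offset;
    return true;
}

/* Translate vaddr as process 'A' or 'B'; 0 means the translation failed. */
uint32_t toy_demo(char process, uint32_t vaddr)
{
    toy_page_table_t pa, pb;
    uint32_t phys;
    toy_init_tables(&pa, &pb);
    const toy_page_table_t *pt = (process == 'A') ? &pa : &pb;
    return toy_translate(pt, vaddr, &phys) ? phys : 0;
}

/* ---- x86_64 4-level decomposition (4 KiB pages) ---- */
/* The four structures are PML4, PDPT, PD and PT, each indexed by 9 bits;
 * the low 12 bits are the byte offset. Bits 63:48 must repeat bit 47
 * (canonical form) or the CPU faults before any table is consulted. */
typedef struct {
    uint16_t pml4;   /* bits 47:39 */
    uint16_t pdpt;   /* bits 38:30 */
    uint16_t pd;     /* bits 29:21 */
    uint16_t pt;     /* bits 20:12 */
    uint16_t offset; /* bits 11:0  */
} x64_va_t;

bool x64_is_canonical(uint64_t va)
{
    uint64_t top = va >> 47;              /* bits 63:47 as one field */
    return top == 0 || top == 0x1FFFF;    /* all clear or all set */
}

bool x64_split(uint64_t va, x64_va_t *out)
{
    if (!x64_is_canonical(va))
        return false;
    out->pml4   = (uint16_t)((va >> 39) & 0x1FF);
    out->pdpt   = (uint16_t)((va >> 30) & 0x1FF);
    out->pd     = (uint16_t)((va >> 21) & 0x1FF);
    out->pt     = (uint16_t)((va >> 12) & 0x1FF);
    out->offset = (uint16_t)(va & 0xFFF);
    return true;
}

int main(void)
{
    printf("A: 4210 -> %u\n", toy_demo('A', 4210));   /* 1310 */
    printf("B: 4210 -> %u\n", toy_demo('B', 4210));   /* 3710 */
    x64_va_t v;
    uint64_t va = 0xFFFF800000001234ULL;               /* constructed sample */
    if (x64_split(va, &v))
        printf("pml4=%u pdpt=%u pd=%u pt=%u off=0x%x\n",
               v.pml4, v.pdpt, v.pd, v.pt, v.offset);
    return 0;
}
```

The toy half shows why frames are unique while page numbers are only meaningful relative to the active table; the x86_64 half shows that a single 64-bit address is really four table indices and an offset, and that an address whose upper bits do not match bit 47 is rejected before any lookup happens.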










